This endpoint requires the JSON body with user login credentials and the api-key in the headers.
Upon successful authentication, the response will return the authorisation token with a limited validity for any subsequent requests.
\n","urlObject":{"protocol":"https","path":["rest","membership","login"],"host":["api","sportstg","com"],"query":[],"variable":[]}},"response":[{"id":"01c7db49-bf6a-44b4-9854-ff3368804dee","name":"Login","originalRequest":{"method":"POST","header":[{"key":"api-key","value":"{{api-key}}","type":"text"}],"body":{"mode":"raw","raw":"{\n \"username\":\"{{username}}\",\n \"password\": \"{{password}}\"\n}","options":{"raw":{"language":"json"}}},"url":"https://api.sportstg.com/rest/membership/login"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Mon, 13 Dec 2021 00:29:18 GMT"},{"key":"Content-Type","value":"application/json;charset=UTF-8"},{"key":"Content-Length","value":"291"},{"key":"Connection","value":"keep-alive"},{"key":"Server","value":"Microsoft-IIS/10.0"},{"key":"Strict-Transport-Security","value":"max-age=31536000; includeSubDomains"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-Frame-Options","value":"SAMEORIGIN"},{"key":"X-XSS-Protection","value":"1; mode=block"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Login Successful\",\n \"success\": true,\n \"token\": \"token\",\n \"refreshToken\": \"refreshToken\"\n}"}],"_postman_id":"0c4a02fa-8463-42c5-a961-8f58f89e6cb5"},{"name":"member details","id":"2a27461f-c8f2-4312-9079-fafaeaa52e71","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"{{token}}","type":"text"},{"key":"api-key","value":"{{api-key}}","type":"text"}],"body":{"mode":"raw","raw":""},"url":"https://api.sportstg.com/rest/membership/memberdetails","description":"Passing the correct authorization token along with the api-key will return the required member data.
Passing the refreshToken along with the api-key will return new authorization token and refreshToken. The new authorization token can be used to fetch member details. refreshToken is used to fetch new tokens. Please note the refreshToken can not be used to fetch member details only authorization token should be used.
The GameDay Classic Membership APIs are using REST architectural style. Our APIs have predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs. You can use the Classic Fan Membership APIs to retrieve data for Members, on your access level in a programmatic format.
\nTo get started with consuming the APIs and to gain access to required data, please reach out to GameDay support or your Project Manager with the following details:
\nOnce we have the required information we will configure your APIs and send over the below details:
\napi-keyIf you already have the above please follow through.
\nThe GameDay Classic APIs use different modes of authentication and authorisation mechanisms to provide you with the necessary data in a secure manner. GameDay Classic uses api-key and user credentials to go through authentication process. This means customers have to be registered through our onboarding process and get the required api-key. The key along with the login credentials (username and password in the request body) will need to be passed to the API to get the authorization token. The authorization token should then be sent as Authorization along with the api-key for calling other APIs in order to receive the expected results. Please note that api-key is required to pass in every subsequent requests.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
\nauthorization token based on the api-key. In order to do this please send a POST request using api-key to the login endpoint (example provided below). The authorization token is valid for a limited time only (60 minutes).authorization token for subsequent API calls. Please bear in mind, if the authorization token expires your GET requests won't be able to retrieve the data.refreshToken is also returned along with the authorization token in the login endpoint response. More information about the refreshToken is available in the refreshToken section.api-key should be present in header of each request.For security purposes, access tokens may be valid for a short amount of time. Once they expire, client applications can use a refresh token to \"refresh\" the access token. That is, a refreshToken is a credential that lets a client application get new access tokens without having to ask the user to log in again. This way the session can be active by utilising the refreshTokens.
\nThe standard Error codes and Custom error messages are sent back in case of exceptions and are listed alongside the APIs.
\n{ \"success\": false, \"message\": \"API key not present, access denied.\" }\n{ \"success\": false, \"message\": \"Authorization token invalid or not present, access denied.\" }\n{ \"success\": false, \"message\": \"Authentication failed, access denied.\" }\n{ \"success\": false, \"message\": \"Signature verification failed: Token expired\"}\n{ \"success\": false, \"message\": \"Invalid key, access denied.\"}\n{ \"success\": false, \"message\": \"API key not present, access denied.\"}\n\n{ \"success\": false, \"message\": \"Error fetching member data.\" \n\n{ \"success\": false, \"message\": \"Bad request.\" }\n{ \"success\": false, \"message\": \"Incorrect login credentials, access denied.\" }\n\nAPI rate limits would be set based on the customers’ requirements to consume APIs.
\n","event":[{"listen":"prerequest","script":{"id":"0097c12a-2cc5-489b-b9e8-6432685f3163","type":"text/javascript","exec":[""]}},{"listen":"test","script":{"id":"9707dcd3-1a7f-4543-8d41-4ea620300460","type":"text/javascript","exec":[""]}}],"_postman_id":"f7c7d3ab-e4ea-4bbe-bcc3-41867e7d68fc"}]}